Skip to content

Instantly share code, notes, and snippets.

@jkwiecien
jkwiecien / retrofit2_rxjava_proguard_config
Last active September 15, 2020 08:43
Retrofit2 + RxJava proguard config.
########--------Retrofit + RxJava--------#########
-dontwarn retrofit.**
-keep class retrofit.** { *; }
-dontwarn sun.misc.Unsafe
-dontwarn com.octo.android.robospice.retrofit.RetrofitJackson**
-dontwarn retrofit.appengine.UrlFetchClient
-keepattributes Signature
-keepattributes Exceptions
-keepclasseswithmembers class * {
@retrofit.http.* <methods>;
@sdrapkin
sdrapkin / Login.gov encryption is badly designed.md
Last active December 6, 2018 15:03
Login.gov encryption is badly designed

Login.gov encryption is badly designed

Disclaimer: everything that follows is a personal opinion - not an assertion of fact.

Regulatory/Compliance flaws

NIST has created Federal Information Processing Standard (FIPS) 140-2: Security Requirements for Cryptographic Modules. FIPS requirements are mandatory for Federal Government agencies, as prescribed by FISMA law. FIPS-140-2 Annex D covers Approved Key Establishment Techniques. The only FIPS-approved password-based key derivation algorithm is PBKDF2 (NIST SP800-132). Login.gov uses scrypt, which is not FIPS-approved. The FIPS-approved key-derivation algorithms are mostly covered by NIST SP800-108. Login.gov uses several custom approaches for key derivation, none of which are FIPS-approved.

Summary:
@lmj0011
lmj0011 / rejson-for-ubuntu.md
Last active November 4, 2024 10:18
Building and Loading the ReJSON v1 Module on Linux Ubuntu 16.04 for Redis

make sure you have at least redis v4.0+

redis-server --version

redis-cli --version

install the build-essential package

apt-get install build-essential